5条安全提示，以保护您的企业资产安全-CSDN博客

After sabotaging large-scale enterprises, city IT infrastructure, and even the busiest airports of the world, cybercriminals seem to have found a new sweet spot to target their malicious crimes. A vulnerable spot is not only burgeoning in size but is also largely undermined as a cybercrime target.

在破坏了大型企业，城市IT基础设施，甚至是世界上最繁忙的机场之后，网络犯罪分子似乎已经找到了针对其恶意犯罪的新目标。脆弱点不仅在规模上Swift发展，而且在很大程度上已被破坏为网络犯罪目标。

Small businesses it is. Small businesses are usually run by entrepreneurs, either singly or with a handful of employees who are working rigorously to grow the business. Naturally, something like cybersecurity would rank at the bottom of their priorities.

是小型企业。小型企业通常由企业家经营，或者单独经营，或者由少数为发展企业而努力工作的员工经营。自然，诸如网络安全之类的问题将排在其优先考虑的最底层。

Amidst all the hurry-burry of building the business, putting processes into place, and winning customers, there is hardly any time left to introspect about cybersecurity and its business impact. It is this negligence from the part of small businesses that are making cybercriminals point their crosshairs on them. According to Verizon’s 2019 Data Breach Investigations

在建立业务，实施流程并赢得客户的所有急事中，几乎没有时间来反思网络安全及其业务影响了。正是小型企业的这种疏忽使得网络犯罪分子将他们的准绳指向了他们。根据Verizon的2019年数据泄露调查

Report, 43% of cyber-attacks target small businesses.

报告称，网络攻击中有43％针对小型企业。

“Hello, friend! I have some bad news for you. Your files have been encrypted!” Thus began the email that Joe received one fine morning when he opened his email. It was an email that signaled that his system was under a ransomware attack. Along with Joe, several other colleagues got the mail implying that the whole company was under attack. Within a few minutes, their systems were locked down and a ransom payment in bitcoins was demanded through an on-screen message.

“你好朋友！ 我有个坏消息要给你。 您的文件已加密！” 于是，乔打开了电子邮件的那天早上收到的电子邮件开始了。这是一封电子邮件，表明他的系统受到了勒索软件的攻击。与乔一起，其他几位同事也收到了邮件，暗示整个公司都在遭受攻击。几分钟后，他们的系统被锁定，并通过屏幕上的消息要求赎金支付比特币。

Countless small businesses around the world have been taken down by hackers asking a ransom in return. Can businesses protect themselves from this inevitable attack of cybercriminals?

黑客要求赎金作为回报，摧毁了全世界无数的小型企业。企业能否保护自己免受网络犯罪分子不可避免的攻击？

Turns out there are some ways businesses — both big and small can put up their defenses to secure them from cybersecurity crimes. Some such ways are discussed below:

事实证明，无论大小，企业都可以采取一些措施来防御网络安全犯罪。下面讨论了一些这样的方式：

End-point security
端点安全

Endpoint security or Endpoint protection refers to the measures taken to protect devices that are remotely connected to a network. For example, laptops, tablets, mobile devices used by remote employees to connect to corporate networks are endpoints. Ensuring the physical and digital security of these devices forms part of endpoint security. If these endpoints are not properly secured, they can act as potentially vulnerable points for hackers to sneak their way into the corporate network and steal data. End-point security can be ensured with the help of endpoint security software like antivirus software, malware detection systems, etc.

端点安全性或端点保护是指为保护远程连接到网络的设备而采取的措施。例如，远程员工用来连接公司网络的笔记本电脑，平板电脑和移动设备就是端点。确保这些设备的物理和数字安全性是端点安全性的一部分。如果这些端点没有得到适当的保护，它们可能会成为黑客潜在的易受攻击点，从而潜入公司网络并窃取数据。可以通过端点安全软件(例如防病毒软件，恶意软件检测系统等)来确保端点安全。

2. Fortify website security

2. 加强网站安全性

In this mobile-first-age, websites happen to be the primary source through which customers contact businesses. Websites are used to find business information as well as to conduct online transactions. This involves both eCommerce as well as other activities like sharing personal contact information like email or phone number for furthering business relationships.

在这种移动时代，网站恰好是客户联系企业的主要来源。网站用于查找业务信息以及进行在线交易。这涉及电子商务以及其他活动，如共享个人联系信息(如电子邮件或电话号码)以促进业务关系。

Additionally, there are also financial transactions that are conducted online, like banking and insurance which are critical in nature. Even the slightest security mishap can result in personal identity or financial data theft. Businesses must take precautionary measures to ensure that customer data is not compromised in any way. Encryption can help to secure online transactions without breaking the bank balance severely.

此外，还有一些在线进行的金融交易，例如银行和保险，这些交易本质上至关重要。即使是最轻微的安全事故，也可能导致个人身份或财务数据被盗。企业必须采取预防措施，以确保不会以任何方式破坏客户数据。加密可以帮助确保在线交易的安全，而不会严重破坏银行的余额。

3. Ensure GDPR compliance

3. 确保符合GDPR

GDPR stands for the General Data Protection Regulation, a recent European Union regulation that was enacted to protect the personal data of users and also to govern the collection and processing of user data General Data Protection Regulation.

GDPR代表《通用数据保护条例》，这是欧盟最近颁布的一项法规，旨在保护用户的个人数据并管理用户数据的通用数据保护条例的收集和处理。

GDPR compliance is necessary for several reasons. First, it ensures that your business is on the right side of the law. As a result, you will be spared from the hefty fine of Up to €20 million, or 4% of annual global turnover — whichever is greater. Complying with GDPR requirements will also streamline your business processes thereby ensuring long-term cybersecurity of the business.

出于几个原因，必须遵守GDPR。首先，它可以确保您的业务在法律的右边。这样一来，您就可以免除高达2000万欧元的巨额罚款，或者占全球年营业额的4％(以金额较大者为准)。符合GDPR要求还将简化您的业务流程，从而确保业务的长期网络安全。

4. Regular data backups

4. 定期数据备份

Cybersecurity affect businesses in one unmistakable way. It deprives them of data that is necessary to keep the business running smoothly. Of course, there is the cloud where all data can be stored for remote access. But, when a cybersecurity incident happens, most probably your data in the cloud would also be compromised.

网络安全以一种明确的方式影响企业。它剥夺了他们保持业务平稳运行所必需的数据。当然，在云中可以存储所有数据以进行远程访问。但是，当发生网络安全事件时，很可能您的云中数据也会受到威胁。

It is better to be prepared for the worst-case scenario than to be at a loss when the tragedy happens. Such preparation comes in the form of regular data backups. Like any other process that is carried out on a periodical basis, make sure you take regular data backups of your business data. Ensure that the backed up data is stored in offline drives where they are far from the reach of cybersecurity criminals.

最好为最坏的情况做好准备，而不是在悲剧发生时不知所措。此类准备工作以定期数据备份的形式进行。像其他任何定期执行的过程一样，请确保对业务数据进行定期数据备份。确保备份的数据存储在脱机驱动器中，这些数据远离网络安全犯罪分子。

5. Background checks for IT vendors

5. IT供应商的背景调查

As a growing and thriving business, your business will have to engage multiple IT vendors. These vendors could be engaged in supplying UT hardware, software development services, or even for performing some of your core activities that are outsourced.

随着业务的增长和蓬勃发展，您的业务将不得不聘请多家IT供应商。这些供应商可能会提供UT硬件，软件开发服务，甚至进行外包的某些核心活动。

To ensure that your organizational data is not compromised and is protected at the endpoints, make it a practice to carry out background checks for IT vendors. Trace their physical business location, carry out independent vetting of their past operations, and also get signed documents from the vendors that they will follow stringent security measures while dealing with your business data.

为确保您的组织数据不会受到破坏并在端点受到保护，请对IT供应商进行后台检查。跟踪他们的实际业务位置，对他们过去的操作进行独立审核，并从供应商处获得签署的文档，证明他们在处理您的业务数据时将采取严格的安全措施。

Final Thoughts

最后的想法

Technology has helped businesses to grow without any restraints. The same technology has also created a web of vulnerabilities that can trap naive businesses. It is mandatory for businesses of all scales to take cybersecurity seriously. They must put in place the right measures to ensure that the business remains immune to cybersecurity attacks. These 5 security tips can help with that.

技术已帮助企业发展不受任何限制。相同的技术还创建了一个漏洞网，可以捕获幼稚的企业。所有规模的企业都必须认真对待网络安全。他们必须采取正确的措施，以确保企业不受网络安全攻击的影响。这5个安全提示可以帮助您解决这一问题。